Remote browsing session management

US 9,374,244 B1
Filed: 02/27/2012
Issued: 06/21/2016
Est. Priority Date: 02/27/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for detecting differences between digital certificates, the method comprising:

under the control of a server system comprising one or more hardware-based computer processors configured to execute specific instructions, wherein the server system is separate from a content source and a user computing device,receiving, by the server system, a first certificate data from the user computing device, the first certificate data comprising a first digital certificate asserting the identity of the content source, wherein the first digital certificate is signed by a certificate authority, and wherein the first digital certificate was previously obtained by the user computing device in connection with a secure content request, originating from the user computing device, for content hosted by the content source; and

in response to receiving the first certificate data from the user computing device;

retrieving, by the server system, a second certificate data from the content source responsive to a request transmitted by the server system to the content source, the second certificate data comprising a second digital certificate identifying the same content source as the first digital certificate, the second digital certificate signed by a certificate authority; and

determining, by the server system, that the first digital certificate is fraudulent based at least partly on comparing the first certificate data to the second certificate data and identifying a difference.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A process is directed to the generation and processing of server identification data by a network computing provider. A client computing device transmits data identifying a server associated with a content source. The identification data can include a digital certificate signed by a third-party certificate authority, a DNS record from a third-party DNS server, etc. The network computing provider comprises one or more physical computing devices for processing the identification data received from any number of client computing devices. The network computing provider can alert the client computing device, content source, or DNS server when erroneous or potentially fraudulent identification data is detected. The network computing provider can also store the identification data and provide content sources and DNS servers with access to the identification data received from client computing devices.

Citations

28 Claims

1. A computer-implemented method for detecting differences between digital certificates, the method comprising:
- under the control of a server system comprising one or more hardware-based computer processors configured to execute specific instructions, wherein the server system is separate from a content source and a user computing device,receiving, by the server system, a first certificate data from the user computing device, the first certificate data comprising a first digital certificate asserting the identity of the content source, wherein the first digital certificate is signed by a certificate authority, and wherein the first digital certificate was previously obtained by the user computing device in connection with a secure content request, originating from the user computing device, for content hosted by the content source; and
  
  in response to receiving the first certificate data from the user computing device;
  
  retrieving, by the server system, a second certificate data from the content source responsive to a request transmitted by the server system to the content source, the second certificate data comprising a second digital certificate identifying the same content source as the first digital certificate, the second digital certificate signed by a certificate authority; and
  
  determining, by the server system, that the first digital certificate is fraudulent based at least partly on comparing the first certificate data to the second certificate data and identifying a difference.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-implemented method of claim 1, wherein the difference between the first certificate data and the second certificate data comprises the certificate authority signing the first digital certificate being different than the certificate authority signing the second digital certificate.
  - 3. The computer-implemented method of claim 1 further comprising generating an alert to the user computing device in response to identifying the difference.
  - 4. The computer-implemented method of claim 1 further comprising generating an alert to the content source in response to identifying the difference.
  - 5. The computer-implemented method of claim 1 further comprising storing at least one of the first certificate data, the second certificate data, or data indicating the difference between the first certificate data and the second certificate data.
  - 6. The computer-implemented method of claim 5 further comprising:
    - receiving a plurality of certificate data from a plurality of user computing devices, each of the plurality of certificate data received from the plurality of user computing devices comprising a digital certificate asserting the identity of the content source; and
      
      identifying a difference between the first certificate data and at least one of the plurality of certificate data received from the plurality of user computing devices.
  - 7. The computer-implemented method of claim 5 further comprising providing the content source with access to at least a portion of the first certificate data.
  - 8. The computer-implemented method of claim 1, further comprising determining a likelihood probability that the first digital certificate is fraudulent based at least in part on the difference.
  - 9. The computer-implemented method of claim 1, wherein comparing the first certificate data to the second certificate data comprises at least one of:
    - comparing an IP address identified in the first certificate data to an IP address in the second certificate data;
      
      comparing a serial number in the first certificate data to a serial number in the second certificate data;
      
      or comparing a certificate authority identified in the first certificate data to a certificate authority identified in the second certificate data.

10. A system for detecting differences between digital certificates, the system comprising:
- a network computing provider comprising a network computing component executing on one or more physical network computing devices, wherein each physical network computing device comprises hardware configurable to execute specific computing instructions, the network computing component configured to;
  
  receive a first certificate data from a user computing device, the first certificate data comprising a first digital certificate asserting the identity of a content source separate from the network computing provider and the user computing device, the first digital certificate signed by a certificate authority, wherein the first digital certificate was previously obtained by the user computing device in connection with a secure content request, originating from the user computing device, for content hosted by the content source;
  
  receive a plurality of related certificate data from one or more other user computing devices separate from the user computing device, each of the related certificate data comprising a digital certificate asserting the identity of the same content source as the first certificate data, wherein each of the digital certificates of the related certificate data was previously obtained by a respective user computing device, of the one or more other user computing devices, in connection with a secure content request, originating from the respective user computing device, for content hosted by the content source;
  
  determine representative certificate data from the plurality of related certificate data based at least partly on an analysis of the plurality of related certificate data; and
  
  determine whether the first digital certificate is fraudulent based at least partly on a difference between the first certificate data and the representative certificate data.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the difference between the first certificate data and the representative certificate data comprises the certificate authority signing the first digital certificate being different than the certificate authority signing the digital certificate of the representative certificate data.
  - 12. The system of claim 10 further comprising generating an alert to the user computing device in response to determining the difference.
  - 13. The system of claim 10 further comprising generating an alert to the content source in response to determining the difference.
  - 14. The system of claim 10 further comprising storing the first certificate data.
  - 15. The system of claim 14 further comprising providing the content source with access to at least a portion of the first certificate data.
  - 16. The system of claim 10 further comprising determining the first digital certificate to be fraudulent based at least in part on the difference.
  - 17. The system of claim 10, wherein the analysis of the plurality of related certificate data comprises:
    - identifying a subset of the plurality of related certificate data based at least partly on a common characteristic of user computing devices from which individual certificate data of the subset of the plurality of related certificate data was received; and
      
      selecting the representative certificate data from the plurality of related certificate data, wherein the user computing device from which the first certificate data was received is associated with the common characteristic.
  - 18. The system of claim 17, wherein the common characteristic comprises a geographic location or a device profile.

19. A computer-implemented method for detecting differences between DNS records, the method comprising:
- under the control of a network computing component executing on one or more physical computing components of a network computing provider, the physical computing components configured to execute specific instructions,receiving, by the network computing component, a first DNS record from a user computing device, the first DNS record comprising a first IP address of a content source separate from the user computing device, wherein the first DNS record was previously obtained by the user computing device in connection with a content request, originating from the user computing device, for content hosted by the content source; and
  
  in response to receiving the first DNS record from the user computing device;
  
  receiving, by the network computing component, a second DNS record from a DNS server, the second DNS record comprising a second IP address of the same content source as the first DNS record; and
  
  determining, by the network computing component, whether the first DNS record is fraudulent based at least partly on a difference between the first DNS record and the second DNS record.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The computer-implemented method of claim 19, wherein the difference between the first DNS record and second DNS record comprises the first IP address being different than the second IP address.
  - 21. The computer-implemented method of claim 19 further comprising generating an alert to the user computing device in response to determining the difference.
  - 22. The computer-implemented method of claim 19 further comprising generating an alert to a DNS provider in response to determining the difference, wherein the DNS provider manages the DNS server.
  - 23. The computer-implemented method of claim 19 further comprising storing the first DNS record.
  - 24. The computer-implemented method of claim 23 further comprising providing a DNS provider with access to at least a portion of the first DNS record, wherein the DNS provider manages the DNS server.
  - 25. The computer-implemented method of claim 19 further comprising determining the first DNS record to be fraudulent based at least in part on the difference.

26. A system for detecting variances in server identification data, the system comprising:
- a network computing provider comprising a network computing component executing on one or more physical network computing devices, wherein each physical network computing device comprises hardware configurable to execute specific computing instructions, the network computing component configured to;
  
  receive a plurality of certificate data from a plurality of user computing devices, each of the plurality of certificate data comprising a digital certificate, signed by a certificate authority, asserting the identity of a content source separate from the plurality of user computing devices and separate from the network computing provider, wherein each of the digital certificates of the plurality of certificate data was previously obtained by a respective user computing device of the plurality of user computing devices in connection with a secure content request, originating from the respective user computing device, for content hosted by the content source;
  
  store, in an electronic data store, the plurality of certificate data received from the plurality of user computing devices; and
  
  provide access to at least a portion of the plurality of certificate data stored in the electronic data store, wherein the access is provided to the content source and wherein the portion of the plurality of certificate data is associated with the content source.
- View Dependent Claims (27, 28)
- - 27. The system of claim 26, the network computing component further configured to:
    - receive a plurality of DNS records from the plurality of user computing devices, each of the plurality of DNS records comprising an IP address for the content source;
      
      store, in the electronic data store, the plurality of DNS records received from the plurality of user computing devices; and
      
      provide access to at least a portion of the plurality of DNS records received from the plurality of user computing devices, wherein the access is provided to a DNS provider, and wherein the portion of the plurality of DNS records is associated with the DNS provider.
  - 28. The system of claim 26, the network computing component further configured to:
    - receive geographical information from at least one of the plurality of user computing devices, the geographical information indicating a physical geographic location of the at least one of the plurality of user computing devices;
      
      store, in the electronic data store, the geographic information received from the at least one of the plurality of user computing devices; and
      
      provide access to at least a portion of the geographic information received from the at least one of the plurality of user computing devices, the access provided to the content source.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Brandwine, Eric Jason
Primary Examiner(s)
Vostal, O. C.

Application Number

US13/406,112
Time in Patent Office

1,576 Days
Field of Search

713/168
US Class Current

1/1
CPC Class Codes

H04L 21/00   Apparatus or local circuits...

H04L 61/4511   using domain name system [DNS]

H04L 63/0823   using certificates cryptogr...

Remote browsing session management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Remote browsing session management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links